click links in text for more info
SUMMARY / RELATED TOPICS

Buffer overflow

In information security and programming, a buffer overflow, or buffer overrun, is an anomaly where a program, while writing data to a buffer, overruns the buffer's boundary and overwrites adjacent memory locations. Buffers are areas of memory set aside to hold data while moving it from one section of a program to another, or between programs. Buffer overflows can be triggered by malformed inputs. If this overwrites adjacent data or executable code, this may result in erratic program behavior, including memory access errors, incorrect results, crashes. Exploiting the behavior of a buffer overflow is a well-known security exploit. On many systems, the memory layout of a program, or the system as a whole, is well defined. By sending in data designed to cause a buffer overflow, it is possible to write into areas known to hold executable code and replace it with malicious code, or to selectively overwrite data pertaining to the program's state, therefore causing behavior, not intended by the original programmer.

Buffers are widespread in operating system code, so it is possible to make attacks that perform privilege escalation and gain unlimited access to the computer's resources. The famed Morris worm in 1988 used this as one of its attack techniques. Programming languages associated with buffer overflows include C and C++, which provide no built-in protection against accessing or overwriting data in any part of memory and do not automatically check that data written to an array is within the boundaries of that array. Bounds checking requires additional code and processing time. Modern operating systems use a variety of techniques to combat malicious buffer overflows, notably by randomizing the layout of memory, or deliberately leaving space between buffers and looking for actions that write into those areas. A buffer overflow occurs when data written to a buffer corrupts data values in memory addresses adjacent to the destination buffer due to insufficient bounds checking; this can occur when copying data from one buffer to another without first checking that the data fits within the destination buffer.

In the following example expressed in C, a program has two variables which are adjacent in memory: an 8-byte-long string buffer, A, a two-byte big-endian integer, B. A contains nothing but zero bytes, B contains the number 1979. Now, the program attempts to store the null-terminated string "excessive" with ASCII encoding in the A buffer. "excessive" is 9 characters long and encodes to 10 bytes including the null terminator, but A can take only 8 bytes. By failing to check the length of the string, it overwrites the value of B: B's value has now been inadvertently replaced by a number formed from part of the character string. In this example "e" followed by a zero byte would become 25856. Writing data past the end of allocated memory can sometimes be detected by the operating system to generate a segmentation fault error that terminates the process. To prevent the buffer overflow from happening in this example, the call to strcpy could be replaced with strlcpy, which takes the maximum capacity of A as an additional parameter and ensures that no more than this amount of data is written to A: When available, the strlcpy library function is preferred over strncpy which does not null-terminate the destination buffer if the source string's length is greater than or equal to the size of the buffer, therefore A may not be null-terminated and cannot be treated as a valid C-style string.

The techniques to exploit a buffer overflow vulnerability vary by architecture, by operating system and by memory region. For example, exploitation on the heap, differs markedly from exploitation on the call stack. A technically inclined user may exploit stack-based buffer overflows to manipulate the program to their advantage in one of several ways: By overwriting a local variable, located near the vulnerable buffer on the stack, in order to change the behavior of the program By overwriting the return address in a stack frame. Once the function returns, execution will resume at the return address as specified by the attacker - a user-input filled buffer By overwriting a function pointer or exception handler, subsequently executed By overwriting a local variable of a different stack frame, which will be used by the function which owns that frame later. If the address of the user-supplied data used to effect the stack buffer overflow is unpredictable, exploiting a stack buffer overflow to cause remote code execution becomes much more difficult.

One technique that can be used to exploit such a buffer overflow is called "trampolining". In that technique, an attacker will find a pointer to the vulnerable stack buffer, compute the location of their shellcode relative to that pointer, they will use the overwrite to jump to an instruction in memory which will make a second jump, this time relative to the pointer. Suitable instructions are present in large code; the Metasploit Project, for example, maintains a database of suitable opcodes, though it lists only those found in the Windows operating system. A buffer overflow occurring in the heap data area is referred to as a heap overflow and is exploitable in a manner different from that of stack-based overflows. Memory on the heap is dynamically allocated by the application at run-tim

Essau Kanyenda

Essau Boxer Kanyenda is a former Malawian international footballer who played as a striker. Kanyenda started his career in 1998 in Malawi's First Division for FC Welfare in Dwangwa, he was spotted by Jomo Sono the owner of Jomo Cosmos FC during the Cosafa under 17 in 1999. He has been with Jomo Cosmos under 17 alongside Peter Mponda, in two tours in Italy where he played several games and become second top goalscorer in both occasions, he turned professional and played in the Premier League of Malawi from 1999–2001 for FC Dwasco, before moving to South Africa to play in its Premier League, with Jomo Cosmos in Johannesburg between 2001 and 2003. In 2003, Kanyenda moved for FC Rostov in Russia's Premier League. In 2005, he left for FC Lokomotiv Moscow after being the third top goal scorer in Russian top league, but re-joined FC Rostov on loan until December 2007. After two years with FC Lokomotiv Moscow joined in January 2008 to FC KAMAZ Naberezhnye Chelny, he was their top goalscorer in that season.

Kanyenda has played for Rotor Volgograd Dynamo Bryansk In spring 2012 he was persuaded to join the Danish side B93 by the former Malawi national football team manager Kim Splidsboel. In September 2012, he signed a contract with the South African side Polokwane City, he lives in Manchester with family. Kanyenda is a member of the Malawi national football team, beginning his international career on 12 March 2000 against Zambia. Born as Esau Boxer Kanyenda, to Binwell Boxer Kanyenda and Florence Phiri. Born in a family of seven. Five boys and two girls, he lost his mother in April 1994 and his elder brother in September 2003. His father is retired accountant in Malawi government Kanyenda used to play the street football with his friends; the Malawian will be the first Malawian football player to play in UEFA Champions League as far as Malawian football is concern. Russian title-holders FC Lokomotiv Moskva have signed Malawi striker Esau Kanyenda from FC Rostov ahead of their UEFA Champions League qualifying campaign.

Rostov commitments Kanyenda will join Lokomotiv on a five-year contract after playing in Rostov's next three league games. The 22-year-old has been with the Premier-Liga team since 2003, having scored 26 goals in 46 appearances for South African side Jomo Cosmos. Vital goals He has found the target twenty six times in 62 matches for Rostov and helped the club reach the Russian Cup final in 2003. However, Kanyenda has registered only seventh this season, although those goals brought second-from-bottom Rostov their first points of the campaign against FC Shinnik Yaroslavl and FC Rubin Kazan. In 2006, Kanyenda was recognised as the first African ambassador to represent the Russian Black Sea resort city of Sochi's bid to host the 2014 Winter Olympics bid; the Malawians have never produce the good striker like Kanyenda. He is well known in Russia as well as in South Africa as Black Mamba In 2002, Kanyenda went for the trials with French top side Marseille,Monday, 20 January 2003 Kanyenda scored five goals in five trial matches Malawi striker Essau Kanyenda has signed for French side Marseille on a six-month loan deal.

The young forward won a deal after making a great impact while on trial from South African side Jomo Cosmos. "They were impressed with my performance and offered to sign me on loan with an option to buy," Kanyenda confirmed to the Malawian newspaper The Nation. "The head coach said my performance throughout the trials was beyond his realistic expectations and that I reminded him of former Liberian star George Weah." Kanyenda added that he had signed straight away. "I didn't have to think twice after taking a look at the copy of the contract," he said. "It is an appetising contract though I would have loved it if they had bought me outright." At Marseille, Kanyenda will link up with Ivory Coast's Ibrahim Bakayoko. He became the second Malawian to play in the French league, after Ernest Mtawali, once with Toulouse. Unluckily the deal was flop because of technical reasons, he said on Cosmos website. Essau Kanyenda at National-Football-Teams.com Stats at FIFA.com

De La Fratta

De La Fratta or Cesta is one of three peaks which overlook the city of San Marino, the capital of San Marino. The other two are Montale; the tower is located on the highest of Monte Titano's summits. A museum to honor Saint Marinus, created in 1956, is located in this tower and showcases over 1,550 weapons dating from the medieval era to the modern day, it was constructed in the 13th century on the remains of an older Roman fort. Just like other two towers in San Marino, it is depicted on the national flag. Guaita Montale Three Towers of San Marino City of San Marino Sammarinese Museum of Ancient Arms Geographic data related to De La Fratta at OpenStreetMap

List of ambassadors of the United Kingdom to China

The Ambassador of the United Kingdom to China is the United Kingdom's foremost diplomatic representative in the People's Republic of China, in charge of the UK's diplomatic mission in China. The official title is Her Britannic Majesty's Ambassador to the People's Republic of China; the UK recognized the People's Republic of China in 1950, although the PRC did not agree to the exchange of ambassadors until 1972. Prior to this, the United Kingdom had sent ministers to the Qing Empire and variously ministers and ambassadors to the Republic of China; the Embassy offices have been located in Nanking, or both. The British Ambassador to China is Barbara Woodward, she became ambassador from February 2015. 1792-1794: George Macartney, 1st Earl Macartney The United Kingdom recognized Communist China in 1950 and posted a chargé d'affaires in the new capital of Beijing. However, China was unwilling to exchange ambassadors until the British consulate in Taipei was withdrawn in 1972. UK and China, gov.uk

Purple economy

The purple economy is that part of the economy which contributes to sustainable development by promoting the cultural potential of goods and services. “The purple economy refers to taking account of cultural aspects in economics. It designates an economy that adapts to the human diversity in globalization and that relies on the cultural dimension to give value to goods and services.” These two trends, one vertical and one horizontal, feed one another. In fact the growth in the cultural component attached to products is linked to each territory’s cultural vitality; the context of the purple economy is that of the growing importance of culture in contemporary society. The factors involved in this include in particular: a global economic and political readjustment in favour of emerging countries, a return to local environments, new forms of claims, growing social demand for quality based on cultural consumption patterns, innovative approaches, so on; the purple economy is multidisciplinary, in that it enriches all goods and services by capitalizing on the cultural dimension inherent to every sector.

The sensory, experiential economy is one application of this. It differs from the cultural economy, sector-based. In June 2013, the conclusions of a first inter-institutional working group on the purple economy, formed of experts from UNESCO, the OECD, the International Organisation of the Francophonie, French ministries, various companies and civil society; that document underscored the impact of the phenomenon of culturalization, which now affects the entire economy, with follow-on effects on employment and training. The report differentiates between purple jobs and purplifying professions: the former are directly linked to the cultural environment by their purpose, while the latter are caused to transform under the effect of culturalization. Another reference document published in June 2017 mentioned various aspects of the human environment in which economics are to produce cultural benefits: architecture, colours, ethics, imagination, social skills, etc; the term first appeared in France, in a manifest published on Le Monde.fr.

The signatories included the board members of the association Diversum, which organized the first International Purple Economy Forum under the patronage of UNESCO, the European Parliament and the European Commission. The purple economy emphasizes the presence of externalities: the cultural environment from which agents draw and on which, in return, they leave their own footprints is a common good; as a result, the purple economy sees culture as an axis for sustainable development. In fact, culture has been a whole sub-section of sustainability since the beginning. Corporate social responsibility can be said to have originated in the International Covenant on Economic and Cultural Rights adopted by the United Nations in 1966; this issue is just one of the different components of sustainable development, alongside concerns relating to the natural environment and to the social environment. The complementary nature of these aspects of the sustainable economy was reaffirmed in a call published by Le Monde Économie in 2015, leading up to the 21st United Nations Conference on Climate Change.

Cognitive-cultural economy Cultural diversity Cultural footprint Globalization Knowledge economy Sustainable development

South Yuba Canal Office

The South Yuba Canal Office was the headquarters for the largest network of water flumes and ditches in California. It is located at 134 Main Street, Nevada City, California, USA. Built in 1855, it was known as the Potter Building. A two story brick structure, it was fitted with iron doors and shutters, plus a filigree balcony railing; the space was first used as a drug store. From 1857 to 1880, it functioned as the South Yuba Canal Office; the Nevada City Chamber of Commerce is the building's current occupant. It is the oldest business building in Nevada City; the South Yuba Canal Water Company, run from this office was the first incorporated to supply water for hydraulic mining. Named in 1854 as the Rock Creek, Deer Creek, South Yuba Canal Company as a consolidation of three rival ditch companies, the name was shortened in 1870 to the South Yuba Canal Company; the company built and operated flumes and water ditches that carried water to connecting water systems that supplied hundreds of hydraulic mines in the area.

In 1882, the company built a dam at Lake Fordyce to trap snowmelt and runoff for release in the dry season. The company entered the utility business, in 1905, its holdings went on to become a part of the Pacific Gas and Electric Company's hydroelectric system; the company's original ditch was put into use in 1850. The South Yuba Canal is now part of the public lands of the Tahoe National Forest; the South Yuba Canal System is used for delivering domestic and agricultural water to Nevada City and its neighbor Grass Valley. The water generates electricity in Northern California, it is 18 mi in length. Crossing private and National Forest lands, the canal is bordered by hardwoods; the building is honored as the California Historical Landmark No. 832. The plaque's inscription reads: SOUTH YUBA CANAL OFFICE Headquarters for the largest network of water flumes and ditches in the state; the South Yuba Canal Water Company was the first incorporated to supply water for hydraulic mining. The original ditch was in use in May 1850, this company office was in use from 1857 to 1880.

The holdings became part of the vast PG&E hydroelectric system... California Registered Historical Landmark No. 832.. Plaque placed by the State Department of Parks and Recreation in cooperation with the Nevada County Historical Landmarks Commission and the California Heritage Council, May 16, 1970. Photo